Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

JSA Vulnerability Manager Endpoints

 

Use the references for REST API V9.0 JSA Vulnerability Manager endpoints.

GET /qvm/assets

List the assets with discovered vulnerabilities present in the asset model. The response contains all available RESTful resources.

Table 1: GET /qvm/assets Resource Details

MIME Type

application/json

Table 2: GET /qvm/assets Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

savedSearchId

query

Optional

String

text/plain

Id of saved search

savedSearchName

query

Optional

String

text/plain

Saved search name

filters

query

Optional

Array<Object>

application/json

List of JSON objects for application of bespoke query search dataset filter. Format [{"parameter":"<value>", "operator":"<value>", "value":"<value>"}] e.g. [{"parameter":"IPv4 Address", "operator":"Equals", "value":"10.100.85.111"}]

Table 3: GET /qvm/assets Response Codes

HTTP Response Code

Unique Code

Description

200

 

The request to retrieve vulnerabilities by asset completed successfully

420

9101

Invalid search parameters, search cannot be performed

Response Description

list of assets data

Response Sample

GET /qvm/filters

Get a list of the allowable filters that can be used or applied against /qvm endpoints.

  • /qvm/assets

  • /qvm/vulns

  • /qvm/vulninstances

  • /qvm/openservices

  • /qvm/networks

  • queries

Table 4: GET /qvm/filters Resource Details

MIME Type

application/json

There are no parameters for this endpoint.

Table 5: GET /qvm/filters Response Codes

HTTP Response Code

Unique Code

Description

200

 

The search executed successfully

420

9102

An error occurred while executing the search

Response Description

list of Filters.

Response Sample

GET /qvm/network

List the networks present in the asset model with vulnerabilities present. The response contains all available RESTful resources

Table 6: GET /qvm/network Resource Details

MIME Type

application/json

Table 7: GET /qvm/network Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

savedSearchId

query

Optional

String

text/plain

Id of saved search

savedSearchName

query

Optional

String

text/plain

Saved search name

filters

query

Optional

Array<Object>

application/json

List of JSON objects for application of bespoke query search dataset filter. Format [{"parameter":"<value>", "operator":"<value>", "value":"<value>"}] e.g. [{"parameter":"IPv4 Address", "operator":"Equals", "value":"10.100.85.111"}]

Table 8: GET /qvm/network Response Codes

HTTP Response Code

Unique Code

Description

200

 

The request to retrieve vulnerabilities by network completed successfully

420

9101

Invalid search parameters, search cannot be performed

Response Description

list of network related data

Response Sample

GET /qvm/openservices

List the openservices present in the asset model with vulnerabilities present. The response will contain all available RESTful resources

Table 9: GET /qvm/openservices Resource Details

MIME Type

application/json

Table 10: GET /qvm/openservices Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

savedSearchId

query

Optional

String

text/plain

Id of saved search

savedSearchName

query

Optional

String

text/plain

Saved search name

filters

query

Optional

Array<Object>

application/json

List of JSON objects for application of bespoke query search dataset filter. Format [{"parameter":"<value>", "operator":"<value>", "value":"<value>"}] e.g. [{"parameter":"IPv4 Address", "operator":"Equals", "value":"10.100.85.111"}]

Table 11: GET /qvm/openservices Response Codes

HTTP Response Code

Unique Code

Description

200

 

The request to retrieve vulnerabilities by open service completed successfully

420

9101

Invalid search parameters, search cannot be performed

Response Description

list of open services related data

Response Sample

GET /qvm/saved_search_groups

Retrieves a list of vulnerability saved search groups.

Table 12: GET /qvm/saved_search_groups Resource Details

MIME Type

application/json

Table 13: GET /qvm/saved_search_groups Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Range

header

Optional

String

text/plain

Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero.

filter

query

Optional

String

text/plain

Optional - This parameter is used to restrict the elements in a list base on the contents of various fields.

Table 14: GET /qvm/saved_search_groups Response Codes

HTTP Response Code

Unique Code

Description

200

 

The vulnerability saved search groups were returned.

500

1020

An error occurred during the attempt to retrieve the vulnerability saved search groups.

Response Description

List of the Group objects. A Group object contains the following fields:

  • id - Long - The ID of the group.

  • parent_id - Long - The ID of the parent group (default resources can have localized names).

  • type - String - The type of the group.

  • level - Long - The depth of the group in the group hierarchy.

  • name - String - The name of the group (default groups can have localized names).

  • description - String - The description of the group (default groups can have localized names).

  • owner - String - The owner of the group.

  • modified_time - Long - The time in milliseconds since epoch since the group was last modified.

  • child_group_ids - Array of Longs - List of the child group IDs.

Response Sample

[ { "child_groups": [ 42 ], "child_items": [ "String" ], "description": "String", "id": 42, "level": 42, "modified_time": 42, "name": "String", "owner": "String", "parent_id": 42, "type": "String <one of: LOG_SOURCE_GROUP, REPORT_GROUP, RULE_GROUP, EVENT_SAVED_SEARCH_GROUP, FLOW_SAVED_SEARCH_GROUP, OFFENSE_SAVED_SEARCH_GROUP, QRM_SAVED_SEARCH_GROUP, MODEL_SAVED_SEARCH_GROUP, QUESTION_SAVED_SEARCH_GROUP, SIMULATION_SAVED_SEARCH_GROUP, TOPOLOGY_SAVED_SEARCH_GROUP, ASSET_SAVED_SEARCH_GROUP, VULNERABILITY_SAVED_SEARCH_GROUP>" } ]

GET /qvm/saved_search_groups/{group_id}

Retrieves a vulnerability saved search group.

Table 15: GET /qvm/saved_search_groups/{group_id} Resource Details

MIME Type

application/json

Table 16: GET /qvm/saved_search_groups/{group_id} Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

group_id

path

Required

Number (Integer)

text/plain

null

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Table 17: GET /qvm/saved_search_groups/{group_id} Response Codes

HTTP Response Code

Unique Code

Description

200

 

The vulnerability saved search group was retrieved.

404

1002

The vulnerability saved search group does not exist.

422

1005

null

500

1020

An error occurred during the attempt to retrieve the vulnerability saved search group.

Response Description

A single Group object. A Group object contains the following fields:

  • id - Long - The ID of the group.

  • parent_id - Long - The ID of the parent group. (default resources can have localized names).

  • type - String - The type of the group.

  • level - Long - The depth of the group in the group hierarchy.

  • name - String - The name of the group (default groups can have localized names).

  • description - String - The description of the group (default groups can have localized names).

  • owner - String - The owner of the group.

  • modified_time - Long - The time in milliseconds since epoch since the group was last modified.

  • child_group_ids - Array of Longs - List of the child group IDs.

Response Sample

{ "child_groups": [ 42 ], "child_items": [ "String" ], "description": "String", "id": 42, "level": 42, "modified_time": 42, "name": "String", "owner": "String", "parent_id": 42, "type": "String <one of: LOG_SOURCE_GROUP, REPORT_GROUP, RULE_GROUP, EVENT_SAVED_SEARCH_GROUP, FLOW_SAVED_SEARCH_GROUP, OFFENSE_SAVED_SEARCH_GROUP, QRM_SAVED_SEARCH_GROUP, MODEL_SAVED_SEARCH_GROUP, QUESTION_SAVED_SEARCH_GROUP, SIMULATION_SAVED_SEARCH_GROUP, TOPOLOGY_SAVED_SEARCH_GROUP, ASSET_SAVED_SEARCH_GROUP, VULNERABILITY_SAVED_SEARCH_GROUP>" }

POST /qvm/saved_search_groups/{group_id}

Updates the owner of an vulnerability saved search group.

Table 18: POST /qvm/saved_search_groups/{group_id} Resource Details

MIME Type

application/json

Table 19: POST /qvm/saved_search_groups/{group_id} Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

group_id

path

Required

Number (Integer)

text/plain

null

fields

header

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Table 20: POST /qvm/saved_search_groups/{group_id} Request Body Details

Parameter

Data Type

MIME Type

Description

Sample

group

Object

application/json

Required - Group object with the owner set to a valid deployed user.

{ "child_groups": [ 42 ], "child_items": [ "String" ], "description": "String", "id": 42, "level": 42, "name": "String", "owner": "String", "parent_id": 42, "type": "String <one of: LOG_SOURCE_GROUP, REPORT_GROUP, RULE_GROUP, EVENT_SAVED_SEARCH_GROUP, FLOW_SAVED_SEARCH_GROUP, OFFENSE_SAVED_SEARCH_GROUP, QRM_SAVED_SEARCH_GROUP, MODEL_SAVED_SEARCH_GROUP, QUESTION_SAVED_SEARCH_GROUP, SIMULATION_SAVED_SEARCH_GROUP, TOPOLOGY_SAVED_SEARCH_GROUP, ASSET_SAVED_SEARCH_GROUP, VULNERABILITY_SAVED_SEARCH_GROUP>" }

Table 21: POST /qvm/saved_search_groups/{group_id} Response Codes

HTTP Response Code

Unique Code

Description

200

 

The vulnerability saved search group was updated.

404

1002

The vulnerability saved search group does not exist.

409

1004

The provided user does not have the required capabilities to own the vulnerability saved search group.

422

1005

A request parameter is not valid.

500

1020

An error occurred during the attempt to update the vulnerability saved search group.

Response Description

The updated Group object. A Group object contains the following fields:

  • id - Long - The ID of the group.

  • parent_id - Long - The ID of the parent group (default resources can have localized names).

  • type - String - The type of the group.

  • level - Long - The depth of the group in the group hierarchy.

  • name - String - The name of the group (default groups can have localized names).

  • description - String - The description of the group (default groups can have localized names).

  • owner - String - The owner of the group.

  • modified_time - Long - The time in milliseconds since epoch since the group was last modified.

  • child_group_ids - Array of Longs - List of the child group IDs.

Response Sample

{ "child_groups": [ 42 ], "child_items": [ "String" ], "description": "String", "id": 42, "level": 42, "modified_time": 42, "name": "String", "owner": "String", "parent_id": 42, "type": "String <one of: LOG_SOURCE_GROUP, REPORT_GROUP, RULE_GROUP, EVENT_SAVED_SEARCH_GROUP, FLOW_SAVED_SEARCH_GROUP, OFFENSE_SAVED_SEARCH_GROUP, QRM_SAVED_SEARCH_GROUP, MODEL_SAVED_SEARCH_GROUP, QUESTION_SAVED_SEARCH_GROUP, SIMULATION_SAVED_SEARCH_GROUP, TOPOLOGY_SAVED_SEARCH_GROUP, ASSET_SAVED_SEARCH_GROUP, VULNERABILITY_SAVED_SEARCH_GROUP>" }

DELETE /qvm/saved_search_groups/{group_id}

Deletes a vulnerability saved search group.

Table 22: DELETE /qvm/saved_search_groups/{group_id} Resource Details

MIME Type

text/plain

Table 23: DELETE /qvm/saved_search_groups/{group_id} Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

group_id

path

Required

Number (Integer)

text/plain

null

Table 24: DELETE /qvm/saved_search_groups/{group_id} Response Codes

HTTP Response Code

Unique Code

Description

204

 

The vulnerability saved search group was deleted.

404

1002

The vulnerability saved search group does not exist.

409

1004

null

500

1020

An error occurred during the attempt to delete the vulnerability saved search group.

Response Description

Response Sample

GET /qvm/saved_searches

Retrieves a list of vulnerability instance saved searches.

Table 25: GET /qvm/saved_searches Resource Details

MIME Type

application/json

Table 26: GET /qvm/saved_searches Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

Range

header

Optional

String

text/plain

Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero.

filter

query

Optional

String

text/plain

Optional - This parameter is used to restrict the elements in a list base on the contents of various fields.

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Table 27: GET /qvm/saved_searches Response Codes

HTTP Response Code

Unique Code

Description

200

 

The request to retrieve the list of vulnerability instance saved searches completed successfully.

500

1020

An error occurred while trying to retrieve the list of saved searches.

Response Description

A list of vulnerability instance saved searches that can be used or applied against:

  • /qvm/saved_searches/{saved_search_id}/vuln_instances

  • /qvm/assets

  • /qvm/vulns

  • /qvm/openservices

  • /qvm/networks

Each saved search that is returned includes an ID, name, and list of filters that make up this saved search.

Response Sample

[ { "filters": [ { "operator": "String", "parameter": "String", "value": "String" } ], "id": 42, "name": "String" } ]

GET /qvm/saved_searches/vuln_instances/{task_id}/results/assets

Lists the Vulnerability Instances assets that are returned from the vulnerability instance saved search.

Table 28: GET /qvm/saved_searches/vuln_instances/{task_id}/results/assets Resource Details

MIME Type

application/json

Table 29: GET /qvm/saved_searches/vuln_instances/{task_id}/results/assets Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

task_id

path

Required

Number (Integer)

text/plain

null

Range

header

Optional

String

text/plain

Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero.

filter

query

Optional

String

text/plain

Optional - This parameter is used to restrict the elements in a list base on the contents of various fields.

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Table 30: GET /qvm/saved_searches/vuln_instances/{task_id}/results/assets Response Codes

HTTP Response Code

Unique Code

Description

200

 

The request to retrieve vulnerabilities by instance completed successfully.

404

1002

Resource not found.

500

1020

An error occurred while retrieving results.

Response Description

A list of assets associated with the vulnerability instance data.

Response Sample

[{"risk_policies": [{"passed": true, "name": "String", "last_evaluated": 42, "question_type": "String", "groups": ["String"]}], "id": 42, "domain_id": 42, "interfaces": [{"first_seen_scanner": 42, "id": 42, "first_seen_profiler": 42, "created": 42, "last_seen_profiler": 42, "last_seen_scanner": 42, "mac_address": "String", "ip_addresses": [{"first_seen_scanner": 42, "id": 42, "first_seen_profiler": 42, "created": 42, "value": "String", "last_seen_profiler": 42, "last_seen_scanner": 42, "type": "String", "network_name": "String" }] }], "hostnames": ["String"], "properties": [{"id": 42, "name": "String", "value": "String", "last_reported": 42, "type_id": 42, "last_reported_by": "String" }], "operating_systems": [{"last_seen_date": 42, "name": "String" }] }]

GET /qvm/saved_searches/vuln_instances/{task_id}/results/vuln_instances

Lists the Vulnerability Instances returned from a vulnerability instance saved search.

Table 31: GET /qvm/saved_searches/vuln_instances/{task_id}/results/vuln_instances Resource Details

MIME Type

application/json

Table 32: GET /qvm/saved_searches/vuln_instances/{task_id}/results/vuln_instances Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

task_id

path

Required

Number (Integer)

text/plain

null

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

filter

query

Optional

String

text/plain

Optional - This parameter is used to restrict the elements in a list base on the contents of various fields.

Range

header

Optional

String

text/plain

Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero.

Table 33: GET /qvm/saved_searches/vuln_instances/{task_id}/results/vuln_instances Response Codes

HTTP Response Code

Unique Code

Description

200

 

The request to retrieve vulnerabilities by instance completed successfully.

404

1002

Resource not found

500

1020

An error occurred while retrieving results

Response Description

A list of vulnerability instance data.

Response Sample

[{"seen_by_scan_profile": "String", "last_seen_date": 42, "cvss_environmental_score_string": "String", "ports": [42], "domain_id": 42, "critical_details": "String", "first_seen_date": 42, "relevant_patches": [{"security_notice": "String", "patch_type": "String <one of: OS, NONOS>", "description": "String"}], "vulnerability_id": 42, "asset_id": 42, "id": 42, "risk_score": 42.5, "cvss_environmental_score": 42.5}]

GET /qvm/saved_searches/vuln_instances/{task_id}/results/vulnerabilities

List the Vulnerability Instances vulnerabilities returned from the saved search.

Table 34: GET /qvm/saved_searches/vuln_instances/{task_id}/results/vulnerabilities Resource Details

MIME Type

application/json

Table 35: GET /qvm/saved_searches/vuln_instances/{task_id}/results/vulnerabilities Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

task_id

path

Required

Number (Integer)

text/plain

null

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

filter

query

Optional

String

text/plain

Optional - This parameter is used to restrict the elements in a list base on the contents of various fields.

Range

header

Optional

String

text/plain

Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero.

Table 36: GET /qvm/saved_searches/vuln_instances/{task_id}/results/vulnerabilities Response Codes

HTTP Response Code

Unique Code

Description

200

 

The request to retrieve vulnerabilities by instance completed successfully

404

1002

Resource not found

500

1020

Error while retrieving results

Response Description

list of vulnerability instance data

Response Sample

[{"severity": {"code": 42, "name": "String <one of: Patch, Urgent, Critical, High, Medium, Low>"}, "patches": [{"security_notice": "String", "description": "String"}], "description": "String", "cvss_base_score": 42.5, "cvss_temporal_score_string": "String", "cvss_base_score_string": "String", "critical_details": "String", "concern": "String", "remediation": "String", "cvss_temporal_score": 42.5, "osvdb_title": "String", "virtual_patches": [{"signature": "String", "qid": "String", "device": "String"}], "id": 42, "cve_ids": ["String"], "risk_factor": {"code": 42, "name": "String <one of: High, Medium, Low, Warning>"}}]

GET /qvm/saved_searches/vuln_instances/{task_id}/status

Retrieves the current status of a vulnerability instance search that was initiated.

Table 37: GET /qvm/saved_searches/vuln_instances/{task_id}/status Resource Details

MIME Type

application/json

Table 38: GET /qvm/saved_searches/vuln_instances/{task_id}/status Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

task_id

path

Required

Number (Integer)

text/plain

null

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Table 39: GET /qvm/saved_searches/vuln_instances/{task_id}/status Response Codes

HTTP Response Code

Unique Code

Description

200

 

The request to retrieve the current status of the vulnerability instance search completed successfully.

404

1002

Resource not found.

500

1020

An error occurred while retrieving status.

Response Description

Returns the status of the selected vulnerability instance search.

Response Sample

{ "id": 42, "retention_period_in_days": 42, "status": "String <one of: CANCELLED, CANCELING, CANCEL_REQUESTED, COMPLETED, EXCEPTION, INITIALIZING, INTERRUPTED, PAUSED, PROCESSING, QUEUED, RESUMING>" }

POST /qvm/saved_searches/vuln_instances/{task_id}/status

Updates the status of a vulnerability instance saved search.

Table 40: POST /qvm/saved_searches/vuln_instances/{task_id}/status Resource Details

MIME Type

application/json

Table 41: POST /qvm/saved_searches/vuln_instances/{task_id}/status Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

task_id

path

Required

Number (Integer)

text/plain

Required. The ID of the task to update.

status

query

Optional

String

text/plain

Optional. The only accepted value is CANCELLED. If this value is provided, the search is cancelled.

retention_period_in_days

query

Optional

Number (Integer)

text/plain

Optional. Set the data retention period in days for the results. Accepted values 0 - 14. Use 0 to delete a result at the next clean up cycle. Default data retention period is 2 days.

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Table 42: POST /qvm/saved_searches/vuln_instances/{task_id}/status Response Codes

HTTP Response Code

Unique Code

Description

200

 

The request to retrieve the list of vulnerability instance saved searches completed successfully.

403

1009

You do not have the proper capabilities to retrieve the Vulnerability Instance Saved Search.

404

1002

Resource not found.

409

1004

The current status of the search prevented the task from being cancelled.

422

1005

A request parameter is not valid.

500

1020

An error occurred while retrieving status.

Response Description

Returns the status of the selected Vulnerability Instance search.

Response Sample

{ "id": 42, "retention_period_in_days": 42, "status": "String <one of: CANCELLED, CANCELING, CANCEL_REQUESTED, COMPLETED, CONFLICT, EXCEPTION, INITIALIZING, INTERRUPTED, PAUSED, PROCESSING, QUEUED, RESUMING>" }

GET /qvm/saved_searches/{saved_search_id}

Retrieves a vulnerability instance saved search.

Table 43: GET /qvm/saved_searches/{saved_search_id} Resource Details

MIME Type

application/json

Table 44: GET /qvm/saved_searches/{saved_search_id} Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

saved_search_id

path

Required

Number (Integer)

text/plain

null

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Table 45: GET /qvm/saved_searches/{saved_search_id} Response Codes

HTTP Response Code

Unique Code

Description

200

 

The request to retrieve the list of vulnerability instance saved searches completed successfully

404

1002

The Saved Search does not exist

500

1020

An error occurred while trying to retrieve the vulnerability instance saved search

Response Description

A vulnerability instance saved search that can be used or applied against:

  • /qvm/saved_searches/{saved_search_id}/vuln_instances

  • /qvm/assets

  • /qvm/vulns

  • /qvm/openservices

  • /qvm/networks

The saved search contains an ID, name, and list of filters that make up this saved search.

Response Sample

{ "filters": [ { "operator": "String", "parameter": "String", "value": "String" } ], "id": 42, "name": "String" }

POST /qvm/saved_searches/{saved_search_id}

Updates the vulnerability saved search owner only.

Table 46: POST /qvm/saved_searches/{saved_search_id} Resource Details

MIME Type

application/json

Table 47: POST /qvm/saved_searches/{saved_search_id} Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

saved_search_id

path

Required

Number (Integer)

text/plain

null

fields

header

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

Table 48: POST /qvm/saved_searches/{saved_search_id} Request Body Details

Parameter

Data Type

MIME Type

Description

Sample

saved_search

Object

application/json

null

{ "filters": [ { "operator": "String", "parameter": "String", "value": "String" } ], "id": 42, "name": "String", "owner": "String" }

Table 49: POST /qvm/saved_searches/{saved_search_id} Response Codes

HTTP Response Code

Unique Code

Description

200

 

The vulnerability saved search was updated.

403

1009

You do not have the required capabilities to update the vulnerability saved search.

404

1002

The vulnerability saved search does not exist.

409

1004

The provided user does not have the required capabilities to own the vulnerability saved search.

422

1005

A request parameter is not valid.

500

1020

null

Response Description

The vulnerability saved search after it was updated. A Vulnerability Saved Search object contains the following fields:

  • id - Long - The ID of the asset saved search.

  • name - String - The name of the asset saved search.

  • owner - String - The owner of the asset saved search.

  • isShared - Boolean - True if the asset saved search is shared with other users.

  • description - String - The description of the asset saved search.

  • filters - List of Strings - The asset saved search filters.

  • columns - List of Strings - The asset saved search columns.

Response Sample

{ "filters": [ { "operator": "String", "parameter": "String", "value": "String" } ], "id": 42, "name": "String", "owner": "String" }

DELETE /qvm/saved_searches/{saved_search_id}

Deletes a vulnerability saved search.

Table 50: DELETE /qvm/saved_searches/{saved_search_id} Resource Details

MIME Type

text/plain

Table 51: DELETE /qvm/saved_searches/{saved_search_id} Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

saved_search_id

path

Required

Number (Integer)

text/plain

null

Table 52: DELETE /qvm/saved_searches/{saved_search_id} Response Codes

HTTP Response Code

Unique Code

Description

204

 

The vulnerability saved search was deleted.

403

1009

You do not have the required capabilities to delete the vulnerability saved search.

404

1002

The vulnerability saved search does not exist.

500

1020

null

Response Description

Response Sample

GET /qvm/saved_searches/{saved_search_id}/vuln_instances

Creates the Vulnerability Instances search. This search returns a maximum of 100,000 results.

Table 53: GET /qvm/saved_searches/{saved_search_id}/vuln_instances Resource Details

MIME Type

application/json

Table 54: GET /qvm/saved_searches/{saved_search_id}/vuln_instances Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

saved_search_id

path

Required

Number (Integer)

text/plain

ID of saved search

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

filter

query

Optional

String

text/plain

Optional - This parameter is used to restrict the elements in a list based on the contents of various fields.

Range

header

Optional

String

text/plain

Optional - Specify the range for the results that you want to return, up to 100,000 results. For example, 0-599, 200-99999. The list is indexed and begins at zero.

To return the first 100,000 rows, follow these steps:

  1. Run the GET - /qvm/saved_searches/{saved_search_id}/vuln_instances endpoint with a range of 0-99999 and a saved_search_id that equals 2.

  2. Run the GET - /qvm/saved_searches/vuln_instances/{task_id}/status endpoint to check search the status

  3. When the search status changes to COMPLETED, run the GET - /qvm/saved_searches/vuln_instances/{task_id}/results/vuln_instances to get the vulnerability instances results.

Table 55: GET /qvm/saved_searches/{saved_search_id}/vuln_instances Response Codes

HTTP Response Code

Unique Code

Description

201

 

The vulnerability instance search is queued.

404

1002

null

500

1020

null

Response Description

The response returns a task ID.

Response Sample

{ "id": 42, "retention_period_in_days": 42, "status": "String <one of: CANCELLED, CANCELING, CANCEL_REQUESTED, COMPLETED, EXCEPTION, INITIALIZING, INTERRUPTED, PAUSED, PROCESSING, QUEUED, RESUMING>" }

POST /qvm/tickets/assign

Update the remediation ticket for the assigned vulnerability

Table 56: POST /qvm/tickets/assign Resource Details

MIME Type

application/json

Table 57: POST /qvm/tickets/assign Request Body Details

Parameter

Data Type

MIME Type

Description

Sample

ticket

JSON

application/json

'ticketId': required.

'priority' one of required : Critical, Major, Minor, Warning, Informational.

'status' one of required : Opened, Fixed, Re-Opened, Closed .

'dueDate' Optional : yyyy-MM-dd HH:mm:ss.

'assignedUser' required : valid JSA user account name or a valid email.

'comment' Optional : text.

'commentUser' Optional : valid JSA user account name, if not included will default current API user.

[ { "ticketId":"1000", "status":"Opened", "priority":"Critical", "dueDate":"2015-01-04 12:00:00", "assignedUser":"admin", "comment":"testComment", "commentUser":"admin" } ]

Table 58: POST /qvm/tickets/assign Response Codes

HTTP Response Code

Unique Code

Description

200

 

The request to assign a ticket completed successfully

420

9104

An error occurred while trying to assign a ticket due to invalid arguments

Response Description

success message if update succeed

Response Sample

GET /qvm/vulns

List the Vulnerabilities present in the asset model. The response will contain all available RESTful resources

Table 59: GET /qvm/vulns Resource Details

MIME Type

application/json

Table 60: GET /qvm/vulns Request Parameter Details

Parameter

Type

Optionality

Data Type

MIME Type

Description

savedSearchId

query

Optional

String

text/plain

Id of saved search

savedSearchName

query

Optional

String

text/plain

Saved search name

filters

query

Optional

Array<Object>

application/json

List of JSON objects for application of bespoke query search dataset filter. Format [{"parameter":"<value>", "operator":"<value>", "value":"<value>"}] e.g. [{"parameter":"IPv4 Address", "operator":"Equals", "value":"10.100.85.111"}]

Table 61: GET /qvm/vulns Response Codes

HTTP Response Code

Unique Code

Description

200

 

The request to retrieve vulnerabilities completed successfully

420

9101

Invalid search parameters, search cannot be performed

Response Description

list of vulnerability data

Response Sample